Skip to content

Privacy Policy for the “Recaught” App

This privacy policy informs you about the processing of personal data in connection with the use of our app “Recaught”. Protecting your data is an important concern to us. Below, we explain which information we collect, how we use it, and what rights you have.

1. Controller

Recaught, Caspar von Velsen-Zerweck
Kückallee 39, 21465 Reinbek, Germany
info@recaught.app

2. Data Collected and Processed

  • Registration and account data: e-mail address, username, first and last name, password (stored in encrypted form), preferred language, favorites lists.
  • Usage and content data: catch and waterbody records entered by the user (e.g., species, time, length, weight, bait details, location description, notes).
  • Location data: geographic coordinates (only with explicit consent via an iOS system popup), used to retrieve local weather information.
  • Device and log data: technical information such as IP address, date and time of requests, error logs.
  • Offline data: cached requests (AsyncStorage) for later synchronization, authentication tokens for login.

3. Purposes of Processing

  • Provision of app features (creating, saving, and analyzing catch records, favorites lists).
  • Authentication and management of user accounts.
  • Retrieval of external weather data based on the current location.
  • Sending system e-mails (e.g., password reset).
  • Improving app stability (caching of requests, error handling).

4. Legal Bases

  • Art. 6(1)(b) GDPR: performance of a contract or pre-contractual measures (provision of the app).
  • Art. 6(1)(a) GDPR: consent, e.g., for the use of location data. This consent is obtained through an iOS system popup and can be withdrawn at any time via the device settings.
  • Art. 6(1)(f) GDPR: legitimate interest in ensuring security and functionality (e.g., error logging, offline storage).

5. Disclosure to Third Parties

  • OpenWeatherMap: transmission of location coordinates for retrieving current weather data.
  • E-mail service provider: sending system messages (e.g., password reset).
  • DigitalOcean LLC, 101 Avenue of the Americas, New York, USA: hosting of the app infrastructure.
  • MongoDB Inc., 1633 Broadway, New York, USA: storage of user data in MongoDB Atlas.

Data processing agreements under Art. 28 GDPR exist with these service providers. Transfers of data to the USA may occur; in such cases, they are based on the EU Standard Contractual Clauses pursuant to Art. 46 GDPR. Further disclosures only take place where required by law or for the enforcement of legal claims.

6. Storage and Retention

  • Account data and catch records are stored for as long as the user account exists.
  • Location data is used only temporarily for weather queries and is not stored permanently.
  • Offline data (cached requests) are deleted once synchronization is successful or the user logs out.
  • Statutory retention obligations remain unaffected.

7. Rights of Data Subjects

Users have the right to:

  • obtain information about stored personal data,
  • rectification of inaccurate data,
  • erasure or restriction of processing,
  • data portability,
  • withdrawal of consent given,
  • lodge a complaint with a data protection supervisory authority.

Competent supervisory authority:
Independent Centre for Privacy Protection Schleswig-Holstein (ULD)
Holstenstraße 98, 24103 Kiel, Germany
https://www.datenschutzzentrum.de/

8. Data Security

The operator implements appropriate technical and organizational measures (e.g., TLS encryption, access restrictions, password hashing) to protect personal data from loss, misuse, or unauthorized access.

9. Contact

For questions regarding data protection or to exercise your rights, please contact:
info@recaught.app

10. Changes to this Privacy Policy

This privacy policy may be amended as necessary. The current version will always be made available within the app and on our website:
https://www.recaught.app/privacy